muzzol wrote:
hi,
i want to generate a certificate request from command line to send to
an external CA. this is what i use:
certutil -S -n "test-server" -s "CN=testserver.example.com" -c "CA
auth" -t "u,u,u" -m 1023 -v 120 -d .
and i get this error:
certutil: unable to retrieve key CA auth: The private key for this
certificate cannot be found in key database
i've imported the root cert for CA auth though the GUI but certutil
seems not to find it.
if i create the request via GUI everything is fine, but i need to use
certutil because i need to pass additional parameters not supported by
the GUI.
any hints?
-S generates a certificate using a CA from the same database. You want
to create a Certificiate Signing Request (CSR). Try this:
certutil -R -s "CN=testserver.example.com" -d . -a
This will produce a base64-encoded CSR that you can pass along to your CA.
rob
--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
